“Our critical infrastructure continues to be at risk from threats in cyberspace, and our economy is harmed by the theft of our intellectual property. Although the threats are serious and they constantly evolve, I believe that if we address them effectively, we can ensure that the Internet remains an engine or economic growth and a platform for the free exchange of ideas” (Obama, 2014). This is what United States President Barack Obama had to say in a statement when launching the United States Framework for Improving Critical infrastructure Security in February 2014.
This only highlights the importance of cyber security in our daily lives. But how would countries go about “effectively addressing” such issues of cyber security to improve their regional level of cyber risk reduction? How does is differ from national approaches? What are some of the benefits, and are there any further risks with this approach? These are some of the questions that arise. With cyberspace having an international presence, it is important to maintain collaboration between countries in their efforts against cyber crime (Grabosky, 2001). This is may be particular in regions such as the Asia Pacific (APAC) with varying levels of Internet penetration and an increasing number of users as more people are becoming connected (Petrazzini, Kibani, 1999).
According to a study by Microsoft, the cost of cybersecurity breaches are the highest in the APAC region (Microsoft Asia Pacific News Center, 2014). This is particularly due to the propagation of malware and possibly the vulnerability of several economies within the region. As the Internet is becoming increasingly popular with the use of such services as social media and cloud computing, it has become a priority to have a regional effort to build cyber risk reduction.
Currently the leading regional organisation in the Asia Pacific is APCERT (Asia Pacific Cyber Emergency team) which has been set up with the sole purpose of ensuring Internet security for those in the APAC region (ACPERT, 2014). Other regional organisations have also included cybersecurity as one of their priority areas in developing and protecting the region. An example of such an organisations is ASEAN (Association of South East Asian Nations) who launched cybersecurity cooperation in 2013 (ASEAN, 2013). International cybersecurity bodies have also made APAC a priority region in the fight against cyber risks. ICSPA, the International Cyber Security Protection Alliance have established themselves in the region to help in the fight within the region (ICSPA, 2014).
The regional approach is not without it's challenges and risks, however. The same global and national challenges with cyber security are still faced. Such challenges the growing volume of users to protect as Internet adoption grows with the aid of mobile devices and social media usage, particularly in the developing world (Rainie & Pouhsta, 2014). This is a particular concern for the APAC region with many member states being developing countries. The region is also not immune to the global challenges of new vulnerabilities that may arise due to newer services such as cloud computing being introduced and the increasing sophistication of cyber attacks (Lipson, 2002).
Apart from such technological challenges, the are also the organisational and diplomatic challenges to navigate, as is the case when garnering the required support for any regionally organised effort. However, history has shown that these challenges can be resolved in one way or another and organised efforts can be made in order to achieve a common goal within a region.
But what are the benefits of taking a regional on reducing cyber risks? With all countries not having the same resources, having a regional effort against cybercrime can benefit all countries as resources can be shared within the joint effort. This can be seen in other regional organisations that work toward a common goal. Also, with different jurisdictions within the region, it makes it difficult for law enforcement to prosecute cybercrime offenders who often commit their crimes beyond their own borders (Broadhurst, 2006). Thus taking a regional approach can aid in having member countries make necessary legislative adjustments to ensure perpetrators are accountable for their actions. Also, cyber criminals often do not work in isolation but are members of cyber crime networks that span over different countries and even continents (Choo & Smith, 2008). Having a coordinated effort would allow monitoring and policing such groups to be done more effectively than would otherwise be achieved. An example is the arrest of over 700 members of a global pedophile network running an Internet chat room called “Kids, the Light of Our Lives” in 2007 (Choo & Smith ). Such arrests would not have been possible without a coordinated effort between the states involved. Apart from these major benefits, there are also benefits such as having a link to a global effort on reducing cyber risks.
Hence, it can be seen that some of the challenges faced in reducing cyber risks can be aided by taking a regional approach against cyber crime. Although not without it's own set of challenges, being part of a regional effort can greatly improve a countries level of cyber risk reduction.
Asia Pacific Computer Emergency Response Team, Available from: http://www.apcert.org/ [9
Broadhurst, R. 2006. Developments in the global law enforcement of cyber-crime. Policing: An
International Journal of Police Strategies & Management,29(3), 408-433.
Choo, K. K. R., & Smith, R. G. 2008. Criminal exploitation of online systems by organised crime
groups. Asian journal of criminology, 3(1), 37-59.
Grabosky, P. 2001. The Global and Regional Cyber Crime Problem. Proceedings of the Asia Cyber
Crime Summit, 22-42.
International Cyber Security Protection Alliance 2014, Establishing the International Cyber Security
Protection Alliance in Asia Pacific, Available from:
Petrazzini, B., & Kibati, M. 1999. The Internet in developing countries.Communications of the ACM,
Lipson, H. F. 2002. Tracking and tracing cyber-attacks: Technical challenges and global policy issues
(No. CMU/SEI-2002-SR-009). CARNEGIE-MELLON UNIV PITTSBURGH PA SOFTWARE
Microsoft 2014, Cost of Cyber-Security Breeaches Highest in Asia Pacific. Available from:
http://www.microsoft.com/apac/news/PlayItSafe.aspx [9 November 2014]
Rainie & Poushta 2014, Emerging nations catching up to U.S. on technology adoption, especially
mobile and social media use. Available from: http://www.pewresearch.org/fact-
social-media-use/ [November 7 2014]